CrowdStrike · carlosmmatos · Mar 16, 2026 · Mar 12, 2026
@@ -43,9 +43,10 @@ CrowdStrike now provides unified images that work across all regions:
 - **`falcon-sensor`** (unified) - Single sensor image for version 7.31+
 - **`falcon-container`** (unified) - Single container image for version 7.33+
 - **`falcon-kac`** (unified) - Single KAC image for version 7.33+
+- **`falcon-imageanalyzer`** (unified) - Single IAR image for version 1.0.24+
 
 > [!IMPORTANT]
-> **Backward Compatibility**: Existing users automatically receive unified images. For regional images, use `-t falcon-sensor-regional`, `-t falcon-container-regional`, or `-t falcon-kac-regional`.
+> **Backward Compatibility**: Existing users automatically receive unified images. For regional images, use `-t falcon-sensor-regional`, `-t falcon-container-regional`, `-t falcon-kac-regional`, or `-t falcon-imageanalyzer-regional`.
 
 ## Security recommendations
 
@@ -67,7 +68,7 @@ To check your version of cURL, run the following command: `curl --version`
 > [!IMPORTANT]
 > The following API scopes are the minimum required to retrieve the images. If you need to perform other operations post-retrieval, please refer to the CrowdStrike documentation to identify any additional scopes that may be required.
 
-- **falcon-sensor | falcon-sensor-regional | falcon-container | falcon-container-regional | falcon-kac | falcon-kac-regional | falcon-imageanalyzer | falcon-jobcontroller | falcon-registryassessmentexecutor**
+- **falcon-sensor | falcon-sensor-regional | falcon-container | falcon-container-regional | falcon-kac | falcon-kac-regional | falcon-imageanalyzer | falcon-imageanalyzer-regional | falcon-jobcontroller | falcon-registryassessmentexecutor**
   - `Sensor Download (read)`
   - `Falcon Images Download (read)`
 - **falcon-snapshot**
@@ -107,11 +108,14 @@ Optional Flags:
                                                    Available sensor types:
                                                    -----------------------
                                                    falcon-container
+                                                   falcon-container-regional
                                                    falcon-sensor
                                                    falcon-sensor-regional
                                                    falcon-kac
+                                                   falcon-kac-regional
                                                    falcon-snapshot
                                                    falcon-imageanalyzer
+                                                   falcon-imageanalyzer-regional
                                                    fcs
                                                    falcon-jobcontroller
                                                    falcon-registryassessmentexecutor
@@ -146,7 +150,7 @@ Help Options:
 | `-c`, `--copy <REGISTRY/NAMESPACE>`            | `$COPY`                 | `None` (Optional)             | Registry you want to copy the sensor image to. Example: `myregistry.com/mynamespace`. <br> *\*By default, the image name and tag are appended. Use `--copy-omit-image-name` and/or `--copy-custom-tag` to change that behavior.*           |
 | `-v`, `--version <SENSOR_VERSION>`             | `$SENSOR_VERSION`       | `None` (Optional)             | Specify sensor version to retrieve from the registry                                                                                                                                                                                                     |
 | `-p`, `--platform <SENSOR_PLATFORM>`           | `$SENSOR_PLATFORM`      | `None` (Optional)             | Specify sensor platform to retrieve from the registry                                                                                                                                                                                                    |
-| `-t`, `--type <SENSOR_TYPE>`                   | `$SENSOR_TYPE`          | `falcon-container` (Optional) | Specify which sensor to download [`falcon-container`, `falcon-sensor`, `falcon-sensor-regional`, `falcon-kac`, `falcon-snapshot`, `falcon-imageanalyzer`, `fcs`, `falcon-jobcontroller`, `falcon-registryassessmentexecutor`] ([see more details below](#sensor-types)) |
+| `-t`, `--type <SENSOR_TYPE>`                   | `$SENSOR_TYPE`          | `falcon-container` (Optional) | Specify which sensor to download [`falcon-container`, `falcon-container-regional`, `falcon-sensor`, `falcon-sensor-regional`, `falcon-kac`, `falcon-kac-regional`, `falcon-snapshot`, `falcon-imageanalyzer`, `falcon-imageanalyzer-regional`, `fcs`, `falcon-jobcontroller`, `falcon-registryassessmentexecutor`] ([see more details below](#sensor-types)) |
 | `--runtime`                                    | `$CONTAINER_TOOL`       | `docker` (Optional)           | Use a different container runtime [docker, podman, skopeo]. **Default is Docker**.                                                                                                                                                                       |
 | `--dump-credentials`                           | `$CREDS`                | `False` (Optional)            | Print registry credentials to stdout to copy/paste into container tools                                                                                                                                                                                  |
 | `--get-image-path`                             | N/A                     | `None`                        | Get the full image path including the registry, repository, and latest tag for the specified `SENSOR_TYPE`.                                                                                                                                              |
@@ -171,17 +175,20 @@ Help Options:
 
 The following sensor types are available to download:
 
-| Sensor Image Name                   | Description                                           |
-| :---------------------------------- | :---------------------------------------------------- |
+| Sensor Image Name                   | Description                                                                     |
+| :---------------------------------- |:--------------------------------------------------------------------------------|
 | `falcon-sensor`                     | The Falcon sensor for Linux as a DaemonSet deployment (unified - version 7.31+) |
-| `falcon-sensor-regional`            | The Falcon sensor for Linux as a DaemonSet deployment w/ regions (traditional) |
-| `falcon-container` **(default)**    | The Falcon Container sensor for Linux                 |
-| `falcon-kac`                        | The Falcon Kubernetes Admission Controller            |
-| `falcon-snapshot`                   | The Falcon Snapshot scanner                           |
-| `falcon-imageanalyzer`              | The Falcon Image Assessment at Runtime                |
-| `fcs`                               | The Falcon Cloud Security CLI tool                    |
-| `falcon-jobcontroller`              | The Self Hosted Registry Assessment Jobs Controller   |
-| `falcon-registryassessmentexecutor` | The Self Hosted Registry Assessment Executor          |
+| `falcon-sensor-regional`            | The Falcon sensor for Linux as a DaemonSet deployment w/ regions (traditional)  |
+| `falcon-container` **(default)**    | The Falcon Container sensor for Linux (unified - version 7.33+)                 |
+| `falcon-container-regional`         | The Falcon Container sensor for Linux w/ regions (traditional)                  |
+| `falcon-kac`                        | The Falcon Kubernetes Admission Controller (unified - version 7.33+)            |
+| `falcon-kac-regional`               | The Falcon Kubernetes Admission Controller w/ regions (traditional)             |
+| `falcon-snapshot`                   | The Falcon Snapshot scanner                                                     |
+| `falcon-imageanalyzer`              | The Falcon Image Assessment at Runtime (unified - version 1.0.24+)              |
+| `falcon-imageanalyzer-regional`     | The Falcon Image Assessment at Runtime w/ regions (traditional)                 |
+| `fcs`                               | The Falcon Cloud Security CLI tool                                              |
+| `falcon-jobcontroller`              | The Self Hosted Registry Assessment Jobs Controller                             |
+| `falcon-registryassessmentexecutor` | The Self Hosted Registry Assessment Executor                                    |
 
 ### Examples
 

@@ -36,6 +36,7 @@ Optional Flags:
                                                    falcon-kac-regional
                                                    falcon-snapshot
                                                    falcon-imageanalyzer
+                                                   falcon-imageanalyzer-regional
                                                    fcs
                                                    falcon-jobcontroller
                                                    falcon-registryassessmentexecutor
@@ -302,7 +303,7 @@ format_tags() {
     local all_tags=$1
 
     case "${SENSOR_TYPE}" in
-        "falcon-snapshot" | "falcon-imageanalyzer" | "fcs" | "falcon-jobcontroller" | "falcon-registryassessmentexecutor")
+        "falcon-snapshot" | "falcon-imageanalyzer" | "falcon-imageanalyzer-regional" | "fcs" | "falcon-jobcontroller" | "falcon-registryassessmentexecutor")
             echo "$all_tags" |
                 sed -n 's/.*"tags" : \[\(.*\)\].*/\1/p' |
                 tr -d '"' | tr ',' '\n' |
@@ -439,7 +440,7 @@ detect_container_tool() {
 display_api_scopes() {
     local sensor_type=$1
     case "${sensor_type}" in
-        falcon-sensor | falcon-sensor-regional | falcon-container | falcon-container-regional | falcon-kac | falcon-kac-regional | falcon-imageanalyzer | falcon-jobcontroller | falcon-registryassessmentexecutor)
+        falcon-sensor | falcon-sensor-regional | falcon-container | falcon-container-regional | falcon-kac | falcon-kac-regional | falcon-imageanalyzer | falcon-imageanalyzer-regional | falcon-jobcontroller | falcon-registryassessmentexecutor)
             echo "Sensor Download [read], Falcon Images Download [read]"
             ;;
         falcon-snapshot)
@@ -544,7 +545,7 @@ fi
 
 # Check if SENSOR_TYPE is set to a valid value
 case "${SENSOR_TYPE}" in
-    falcon-container | falcon-container-regional | falcon-sensor | falcon-sensor-regional | falcon-kac | falcon-kac-regional | falcon-snapshot | falcon-imageanalyzer | fcs | falcon-jobcontroller | falcon-registryassessmentexecutor) ;;
+    falcon-container | falcon-container-regional | falcon-sensor | falcon-sensor-regional | falcon-kac | falcon-kac-regional | falcon-snapshot | falcon-imageanalyzer | falcon-imageanalyzer-regional | fcs | falcon-jobcontroller | falcon-registryassessmentexecutor) ;;
     *) die """
     Unrecognized sensor type: ${SENSOR_TYPE}
     Valid values are:
@@ -556,6 +557,7 @@ case "${SENSOR_TYPE}" in
         falcon-kac-regional
         falcon-snapshot
         falcon-imageanalyzer
+        falcon-imageanalyzer-regional
         fcs
         falcon-jobcontroller
         falcon-registryassessmentexecutor""" ;;
@@ -576,6 +578,11 @@ if [ "${SENSOR_TYPE}" = "falcon-kac-regional" ]; then
     echo "WARNING: Use 'falcon-kac' for the new unified KAC image as the regional KAC images will eventually be EOL."
 fi
 
+# Add deprecation warning for falcon-imageanalyzer-regional
+if [ "${SENSOR_TYPE}" = "falcon-imageanalyzer-regional" ]; then
+    echo "WARNING: Use 'falcon-imageanalyzer' for the new unified IAR image as the regional IAR images will eventually be EOL."
+fi
+
 #Check all mandatory variables set
 VARIABLES="FALCON_CLIENT_ID FALCON_CLIENT_SECRET"
 {
@@ -652,6 +659,18 @@ registry_opts=$(
         else
             echo "falcon-kac/$FALCON_CLOUD"
         fi
+    # Handle unified falcon-imageanalyzer format (no region)
+    elif [ "${SENSOR_TYPE}" = "falcon-imageanalyzer" ]; then
+        echo "falcon-imageanalyzer"
+    # Handle falcon-imageanalyzer-regional with traditional regional paths
+    elif [ "${SENSOR_TYPE}" = "falcon-imageanalyzer-regional" ]; then
+        if [ "${FALCON_CLOUD}" = "us-gov-1" ]; then
+            echo "falcon-imageanalyzer/gov1"
+        elif [ "${FALCON_CLOUD}" = "us-gov-2" ]; then
+            echo "falcon-imageanalyzer/gov2"
+        else
+            echo "falcon-imageanalyzer/$FALCON_CLOUD"
+        fi
     # Account for govcloud api mismatch for other sensor types
     elif [ "${FALCON_CLOUD}" = "us-gov-1" ]; then
         echo "$SENSOR_TYPE/gov1"
@@ -727,7 +746,11 @@ elif [ "${SENSOR_TYPE}" = "falcon-snapshot" ]; then
     repository_name="$BUILD_STAGE/cs-snapshotscanner"
     registry_type="snapshots"
 elif [ "${SENSOR_TYPE}" = "falcon-imageanalyzer" ]; then
-    # overrides for Image Analyzer
+    # Unified format: use falcon-imageanalyzer image name
+    IMAGE_NAME="falcon-imageanalyzer"
+    repository_name="$BUILD_STAGE/falcon-imageanalyzer"
+elif [ "${SENSOR_TYPE}" = "falcon-imageanalyzer-regional" ]; then
+    # Regional format: use falcon-imageanalyzer image name (same as unified)
     IMAGE_NAME="falcon-imageanalyzer"
     repository_name="$BUILD_STAGE/falcon-imageanalyzer"
 elif [ "${SENSOR_TYPE}" = "fcs" ]; then